Hi .. newbie and not sure whether I am in the correct forum.
I have an internal moodle server that I am trying to make
accessable from the intranet via our Apache web server.
From my understanding ... the web address is hard coded
into the config.php file and defined by the wwwroot
This is making it hard for me ...
I tried creating a virtual host and having a separate index.php
and config.php file point to the external DNS entry.... but
found the config.php file is used in other scripts as well.
Also tried ProxyPassReverse and HTMLURLmap to provide filter,
the web pages but that cause problems too..
I am wondering if it a major job to make the wwwroot address
a RELATIVE link, so as to make it easier to proxy etc.
Or perhaps I am doing it the wrong way
I searched all around moodle.org and googled to no
Thoughts, suggestions ??
Peter de Groot
Not shure I understand your question correctly.
If you want your Moodle server to be accessible from the internet, you need an external Ip-address and domainname. Public DNS servers should point that domainname to your IP-address.
The way you handle things internally is limited by your creativity
For example my situation:
On my external IP-address (with domainnname) is a router attached. This forwards all incomming calls for port 80 (web requests) to the server where Moodle is running on (an internal IP-address). The public DNS severs point to the external IP-address of the router. My private DNS-servers point to the local IP-address of the server running Moodle.
My situation is similar ...
However, in your case ... are both the addresses (URLs) the same ?
And are they the same as the wwwroot parameter in the config.php file ??
For example ....
Outside --> peter.com.au 123.456.789.222
Inside --> peter.com.au 192.168.2.3
with config.php having
$CFG->wwwroot = 'http://peter.com.au';
I used 2 NIC's in my server, one for the internet traffic, and one, gigabit speed on the intranet. That is not really necessary. I did this (temporary) to bypass the internal firewall/proxyserver wich controlls all other internet traffic.
(some day this should be configured correctly )
here you will find the code
DNS is cheap, and it's The Right Thing(tm), so why bother with this sort of tricks that can blow in your facer later?
your advice seems sound..I have internet access enabled and working fine.
I have access to the DNS server
How do i make my moodle server (ubuntu) accessible on the LAN. Presently, it works but all requests get routed to the internet - external domain and that obviously is not as fast as our LAN.
I am no expert but can manage simple stuff so any step by step help would be appreciated.
I do not have access to my name servers, internal or external, so I am stuck with having my internal users access moodle via the internet.... Not an ideal solution at all
100 Mbit dedicated versus sharing a 1.5 Mbit DSL connection. Sigh.
Given this problem and the domain move one, which sounds frightening, I wonder if we can get way moodle uses wwwroot to a RELATIVE address.
Is that a major change ?? ...
Thanks for your help chaps
Even if you don't have access to name servers, every modern OS has a hosts file that maps names to ips. By the way, if you are using MS Active Directory (for example) you already have a DNS server. If you are running some sort of Unix/Linux (which includes MacOSX) you can install and configure a DNS server for free.
Even if you don't want to modify clients' hosts files or install an internal DNS server, you can play some tricks with NAT (SNAT or DNAT) on a Linux box to allow your users to access your internal server with your external IP (but this is more convoluted and you need to put a linux box between your internal LAN and the DSL router though). Given that this linux box won't do any processing (just route traffic), an old cheap box would do it (for 100 Mbps, you can get away with a PII-300 and 32 MB RAM with a stripped down linux installation)
If you are interested in this NAT solution, I could provide a little more details here.
Maybe I should have said ... I am working in an environment where I do not have the privileges to change the name server sections. All of the PCs get their DNS settings etc from DHCP on a MS 2003 server And on this I have no control
With some 280 clients, changing the hosts file is not really a viable option.
My moodle site is actually running on Apache on a linux firewall between our intranet and the world. That is the only machine I have control over.
Thank you anyway.
However ... I really think that making the wwwroot parameter a RELATIVE one would make things a LOT easier in a lot of instances .... YOu could then move the whole site to another web address etc etc
I have just run into this issue myself - in my case I can control everything on the LAN but have no idea on how to setup a DNS server internally. Can you give your solution? I could if needed make the box that is between the modem and the LAN the Moodle box.
We are still having problems with having a single Moodle installation within the Intranet and over the Internet at the same time. I have read many posts regarding ammending the httpd.conf file, which I cannot find. Does anyone know where this file is located?
Our IT manager also states that he has tried DNS, router and firewall issues and settings but still cannot get Intranet and Internet access. We have also added extra code within the config file, but have read elsewhere not to have 2 IP addresses within the code! even when we did add the code it did not work.
We do not have apache server but our firewall is an ISA server 2004, and Moodle operates on a Windows 2003 IIS. Can anyone please help as this has been going on for too long now.
Many thanx, Ali.
First of all, there are two possible scenarios:
- your DSL modem is really a modem, and your Moodle box gets the public (internet facing) IP. Let's say this public IP is x.y.z.w
- your DSL modem is really a router, and your Moodle box gets a private IP, and your router redirects incoming connections to that private IP. Let's say this private IP is 192.168.1.2 (with a netmask of 255.255.255.0). Let's further suppose your DSL internal private IP is 192.168.1.1 (same netmask).
Let's suppose your linux box has two network cards. One connected to the LAN, called 'eth0', with IP '192.168.0.1' and netmask '255.255.255.0'. The other connected to the DSL modem, called 'eth1', whose IP and network mask depends on beign in scenario 1 or 2.
VERY IMPORTANT: You have to make sure your web service is accepting connections on both IP addresses (the one for 'eth0' and the one for 'eth1').
Now you setup your (maybe external) DNS server to map 'my.moodle.site' to 'x.y.z.w' as usual, if you have a DNS domain name for your moodle site.
Then you setup $CFG->wwwroot in config.php to your external (public) DNS name (if you have one) or your public IP.
$CFG->wwwroot = 'http://my.moodle.site'; // if you have a DNS name
$CFG->wwwroot = 'http://x.y.z.w'; // if you don't have a DNS name
Now, in your linux box, you have to make sure your kernel has iptables support compiled in (it's on by default, unless you built your own custom kernel and forget to enable it) and have the iptables package installed.
Then, you just have to execute these commands everytime your box is restarted (these changes are lost on reboot):
/sbin/iptables -t nat -A PREROUTING -i eth0 -d x.y.z.w -j DNAT --to-destination 192.168.0.1This rule catches any incoming traffic in the internal network card directed to the public IP address and translates the x.y.z.w IP to your internal IP. As this is done prior to routing in the linux box, your linux box 'sees' this traffic as going to 192.168.0.1, which is its IP, and accepts the traffic and passes it to the relevant service (web, or others).
The above rule redirects all the traffic initially destined to x.y.z.w to 192.168.0.1. If this is not what you want, you can use other iptables options to choose only the traffic you want (see options -p, --dport, etc.).
Also, bear in mind that now your linux box has to work as a router (it sits in the middle of your LAN and your DSL modem), so you need to add all the relevant configuration to make 'forwarding' work. If you are already using your DSL modem as a sort of firewall, then just enabling 'forwarding' in Linux will be enough ('forwarding' is disabled by default in Linux). If you want a tighter firewall, you can use iptables to implement your security policy in the linux box.
To enable forwarding, you can add the following line to /etc/sysctl.conf:
net/ipv4/ip_forward=1The first time, you'll have to execute as root the following to apply the setting:
/sbin/sysctl -pHaving the line in the sysctl.conf file makes sure the setting will be re-applied automatically on every reboot.
I think I'm not forgetting anything
we've had the same problem in our environment and solved it the way as follows:
First, copy the complete moodle directory to another one called maybe moodle_intern. Make the changes to your config.php (should only be the path to the installation) and try to access your new directory from inside the network. This solution works for us like a charm. All you have to keep in mind is, that any changes you make to the one moodle installation you have to proceed also to the other one.
I haven't completely understood how you manage your access from outside the intranet - we've choosen a dyndns-redirection. You only have to tell your router to accept incoming questions on port 80 to redirect to your moodle installation on your webserver.
Good luck, ' hope it gives you some advice
We have an NT4 system set up for our users to access their account etc...
the internet connection is routed through a box called GATEWAY on which Microsoft Proxy Server is installed (a filter is connected to the internet via this). The client then has access to the internet
We have an external website http://school.sch.uk eg and have set up a DNS entry for http://moodle.school.sch.uk/ to point to our GATEWAY, it is then routed via IIS to the computer which moodle is installed on MOODLESVR
However internal clients are experienceing serious slow downs because of the DNS having to be resolved on each click, we tried changing hosts file to include moodle.school.sch.uk to point to the ip of the internal machine that moodle was installed on in the gateway. However, this host redirect ONLY worked when the gateway proxy was disabled on the clients browser, once the proxy was included in the clients browser config it didnt re-route to the internal ip and instead went out and back in again
So is it possible to add somehthing to Proxy Server to force a redirect to 172.16.1.180 when moodle.schoo.uk is targeted? Or do we need some sort of internal DNS server set up on the NT4 machine or the GATEWAY?
Another option is to setup a DMZ subnet on your network for thesee types of servers. This would be behind a dedicate port (subnet) on your router or firewall and would give you a single public address for which you could access the moodle server. Same level of protection, better actually, since it would also protect your moodle server from internal attacks and you don't have to do any fancy dns programming. This is what we use. I like it better than using a NAT setup because a lot of NAT routers riun your log files, as request appears to originate from the router.
in microsoft proxy server added an exception * intranet.stowmarkethigh.suffolk.sch.uk * DIRECT
Then on the gateways hosts added a line
intranet.stowmarkethigh.suffolk.sch.uk xxx.xxx.xxx.xx the internal ip used.
This once rebooted meant that once tracert was used via a network machine it hoped to the PDC (and queried it) which then sent it to the internal WINS machine.
Seems to work for us,
Ended up a few of the machines within our network (those closest physically to the router) were able to see it as a local intranet machine and hence have a speedy connection.
Elsewhere in the school no pcs would connect although every pc has the same hosts, dns, gateway and subnet entries.
We tried no end of "work arounds" but it seems these pcs had a mind of their own.
Eventually we configured our "DCHP" server to use a DNS server on the GATEWAY machine, we then added an entry for intranet.stowmarkethigh etc.. and pointed it to the internal ip of the network machine.
Once rebooted every pc was able to see it happily, so although its a bitch to make work DNS servers are the way to go, they actually work on all machines.
Its been a bit strange though, and were now adding wpad.dat to our network so that external machines can connect to moodle (as they dont have our DNS entries on reboot)
P.S is the HTML editor in moodle speically coded or not? i would like to use it in a site im designing because i cannot figure how to get many of these rich text ones to work :@!!